Zentyal Forum, Linux Small Business Server
Zentyal Server => Other modules => Topic started by: hshafi on June 02, 2020, 01:25:51 pm
-
I am using zentyal 6.0
have been working fine for a very long time.
However webadmin has stopped working last week. couldnt figure out how to:
can start from terminal by:
sudo zs webadmin start
but when checked again with
sudo zs webadmin status
it says stopped.
Need help!
-
Can you check /var/log/zentyal/zentyal.log for any clues/errors?
Do you get any errors when doing the zs webadmin start?
For example : * Restarting Zentyal module: webadmin [fail]
Error loading class: EBox::SysInfo error: Global symbol "$lastVersion" requires explicit package name (did you forget to declare "my $lastVersion"?) at /usr/share/perl5/EBox/SysInfo.pm line 330.
BEGIN not safe after errors--compilation aborted at /usr/share/perl5/EBox/SysInfo.pm line 444.
Compilation failed in require at (eval 692) line 1.
BEGIN failed--compilation aborted at (eval 692) line 1.
-
No there are no errors when i run
zs webadmin start
when I check with
zs webadmin status
it says [stopped]
-
You did not mention if there were any clues in the Zentyal log file /var/log/zentyal/zentyal.log. Please look at this log as soon as you do the zs webadmin restart command
The webadmin interface is served by nginx. if you run 'ps -ef |grep nginx' (without the ' quotes) you should see output like this below : -
root 13993 1 0 May27 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /var/lib/zentyal/conf/nginx.conf
www-data 14001 13993 0 May27 ? 00:01:19 nginx: worker process
www-data 14002 13993 0 May27 ? 00:00:00 nginx: worker process
www-data 14003 13993 0 May27 ? 00:00:07 nginx: worker process
www-data 14004 13993 0 May27 ? 00:00:26 nginx: worker process
If you do see the above, can you send the contents of /var/lib/zentyal/conf/nginx.conf to check the settings?
-
Below is /var/lib/zentyal/conf/nginx.conf
user www-data;
worker_processes 4;
daemon off;
pid /var/lib/zentyal/tmp/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
client_max_body_size 50m;
server_names_hash_bucket_size 64;
server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
error_log /var/log/zentyal/error.log;
# log_format combined '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'
# FIXME: This log format is missing %{forensic-id}n from Apache, is needed?
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
map $ssl_client_s_dn $ssl_client_s_dn_o {
default "";
~/O=(?<O>[^/]+) $O;
}
map $ssl_client_s_dn $ssl_client_s_dn_cn {
default "";
~/CN=(?<CN>[^/]+) $CN;
}
map $ssl_client_i_dn $ssl_client_i_dn_o {
default "";
~/O=(?<O>[^/]+) $O;
}
server {
listen 8443;
ssl on;
ssl_certificate /var/lib/zentyal/conf/ssl/ssl.pem;
ssl_certificate_key /var/lib/zentyal/conf/ssl/ssl.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK";
ssl_prefer_server_ciphers on;
access_log /var/log/zentyal/access.log;
root /usr/share/zentyal/www;
# First attempt to serve request as file, then
# as directory, then fall back to proxy.
try_files $uri @proxy;
error_page 502 /errors/502.html;
location = /errors/502.html {
root /usr/share/zentyal/www;
}
# To allow POST on static pages (needed for vncviewer in zentyal-virt)
error_page 405 =200 $uri;
location /data/ {
root /usr/share/zentyal/www;
rewrite ^/data/(.*)$ /$1 break;
return 403;
}
location /dynamic-data/ {
root /var/lib/zentyal/dynamicwww/;
rewrite ^/dynamic-data/(.*)$ /$1 break;
return 403;
}
include /var/lib/zentyal/conf/nginx-*.conf;
location @proxy {
uwsgi_pass unix:///run/zentyal-webadmin/webadmin.sock;
uwsgi_read_timeout 180;
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_ADDR $server_addr;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
uwsgi_param HTTP_X_FORWARDED_PROTO https;
}
}
}
-
Dear hshafi,
That file looks OK. However, you have not answered any of the questions regarding if the process is running "nginx: master process /usr/sbin/nginx -c /var/lib/zentyal/conf/nginx.conf", or if there are any errors reported in /var/log/zentyal/zentyal.log (you could also check /var/log/zentyal/error.log.
Perhaps you could check to see if nginx is listening on the correct ports by running 'sudo lsof |grep 8443' (without the '), you should get an output similar to: -
nginx 13303 root 9u IPv4 91944 0t0 TCP *:8443 (LISTEN)
nginx 13311 www-data 9u IPv4 91944 0t0 TCP *:8443 (LISTEN)
nginx 13312 www-data 9u IPv4 91944 0t0 TCP *:8443 (LISTEN)
nginx 13313 www-data 9u IPv4 91944 0t0 TCP *:8443 (LISTEN)
nginx 13314 www-data 9u IPv4 91944 0t0 TCP *:8443 (LISTEN)
If you do get these outputs then you should be able to get to the webadmin pages.
If you get no output, then nginx is not running. Check with 'sudo lsof' just to make sure that there are processes listening on your system
I hope this is of use to you. Please give some extra detail with your next response as it is hard to diagnose your issue without more information.
-
when I run:
sudo lsof |grep 8443
I get
sudo: lsof: command not found
Therefore I ran
ps -ef |grep nginx
This is the response
delta 1611 1519 0 02:23 pts/1 00:00:00 grep --color=auto nginx
root 2320 1 0 Jun06 ? 00:00:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 2321 2320 0 Jun06 ? 00:00:00 nginx: worker process
www-data 2322 2320 0 Jun06 ? 00:00:00 nginx: worker process
www-data 2323 2320 0 Jun06 ? 00:00:00 nginx: worker process
www-data 2324 2320 0 Jun06 ? 00:00:00 nginx: worker process
when I ran
sudo /usr/sbin/nginx -c /var/lib/zentyal/conf/nginx.conf
This is the response
nginx: [emerg] SSL_CTX_use_PrivateKey_file("/var/lib/zentyal/conf/ssl/ssl.pem") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
So I assume something wrong with SSL or certificates!
what do you suggest?
-
:)
Did you change the default pem file? Please run these commands to check the modulus of the certificate and the private key:
openssl rsa -in /var/lib/zentyal/conf/ssl/ssl.pem -noout -modulus
openssl x509 -in /var/lib/zentyal/conf/ssl/ssl.pem -noout -modulus
The modulus should be equals.
Cheers!
-
Ran these commands and check the moduls
openssl rsa -in /var/lib/zentyal/conf/ssl/ssl.pem -noout -modulus
openssl x509 -in /var/lib/zentyal/conf/ssl/ssl.pem -noout -modulus
The results were not the same
how to create new certificates and keys ? would that solve?
-
:)
You can generate a new certificate with the CA Zentyal module: https://doc.zentyal.org/en/ca.html#services-certificates (https://doc.zentyal.org/en/ca.html#services-certificates)
If you like command line: https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl (https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl)
Cheers!
-
Thanks.
It worked. after creating new ssl certificates
-
I'm glad you got it sorted. Sorry that I did not get back to you.